Job security
As you noticed a long time ago, a new type of trojan is actively running through the network. There are already several types, but the task is as old as the world - to steal access and change information.
The first. Appearing a few months ago, he systematically began to disperse over the network, stealing ftp passwords and adding iframe to the index pages. According to some data, he first steals passwords, and then changes the index, on the other - on the contrary. My case was the second. First, I discovered that someone or something changed the index of my own site, from where my computer caught the worm. The worm did not find any Casper ( discussion on the site ) nor the nodes. Judging by the discussions in the network, drVeb ( topic ) and Norton have the same problem. But the action of the Trojan was blocked by Microsoft Antispayvarem, which can not but surprise. As for hosting, judging by the reviews of the victims, all sites on any hosting are susceptible to infection, as if the support of some of them (masterhost, for example) did not beat his heel in the chest, proving the use of the best antiviruses and the absence of problems. To please those who warn their users about the problem. Increase karma to those who offer more and effective solution.
Second. Apparently, the animal "cooperates" with the clipboard, replacing the number of wmz sender's wallets with strangers. As a result, the payer transfers money not to his partner, but to someone else. Reviews affected . Conclusion - Trojan works. Human task - to fix. Regardless of the result, it is recommended to use the protection code.
')
Third. According to cnews, “F-Secure and Sophos have discovered a new worm on the Web that spreads via Skype’s IP telephony instant messaging system. He collects the email addresses of the victims and sends links to himself and various websites to users from the contact list, PCAdvisor.co.uk reported.
The worm was named IM-Worm.W32 / Pykse.A (F-Secure) and Mal / Pykse-A (Sophos). Once launched, the worm’s executable code displays a “lightly dressed” woman; it also directs the user to 1 of at least 8 sites with information about Africa. It is not known whether these sites contain malicious code, but there is an advertisement on them, which may indicate an attempt to fraudulently cheat the advertising system. ”
In general, well done, those who keep their computer clean and tidy and cares about his health. And the rest we wish learns to be vigilant and to read Protection against trojans and rootkits for common development and help remove the Trojan from Read before requesting help! .
Good luck.
ps if someone wants to add or correct - well. just glad
The first. Appearing a few months ago, he systematically began to disperse over the network, stealing ftp passwords and adding iframe to the index pages. According to some data, he first steals passwords, and then changes the index, on the other - on the contrary. My case was the second. First, I discovered that someone or something changed the index of my own site, from where my computer caught the worm. The worm did not find any Casper ( discussion on the site ) nor the nodes. Judging by the discussions in the network, drVeb ( topic ) and Norton have the same problem. But the action of the Trojan was blocked by Microsoft Antispayvarem, which can not but surprise. As for hosting, judging by the reviews of the victims, all sites on any hosting are susceptible to infection, as if the support of some of them (masterhost, for example) did not beat his heel in the chest, proving the use of the best antiviruses and the absence of problems. To please those who warn their users about the problem. Increase karma to those who offer more and effective solution.
Second. Apparently, the animal "cooperates" with the clipboard, replacing the number of wmz sender's wallets with strangers. As a result, the payer transfers money not to his partner, but to someone else. Reviews affected . Conclusion - Trojan works. Human task - to fix. Regardless of the result, it is recommended to use the protection code.
')
Third. According to cnews, “F-Secure and Sophos have discovered a new worm on the Web that spreads via Skype’s IP telephony instant messaging system. He collects the email addresses of the victims and sends links to himself and various websites to users from the contact list, PCAdvisor.co.uk reported.
The worm was named IM-Worm.W32 / Pykse.A (F-Secure) and Mal / Pykse-A (Sophos). Once launched, the worm’s executable code displays a “lightly dressed” woman; it also directs the user to 1 of at least 8 sites with information about Africa. It is not known whether these sites contain malicious code, but there is an advertisement on them, which may indicate an attempt to fraudulently cheat the advertising system. ”
In general, well done, those who keep their computer clean and tidy and cares about his health. And the rest we wish learns to be vigilant and to read Protection against trojans and rootkits for common development and help remove the Trojan from Read before requesting help! .
Good luck.
ps if someone wants to add or correct - well. just glad
Source: https://habr.com/ru/post/6997/
All Articles